Did high-end drone crash on its own, or come down after electronic countermeasure attack?

ITworld | December 7, 2011

As usual when it comes to conflicts between Iran and the U.S., governments of the two countries have released vastly different, equally unprovable versions of the story behind the loss of a U.S. drone spy plane.

Iran claims to have downed an unmanned U.S. spy plane flying deep within its own territory, though it has yet to publish pictures or other evidence of the downed spy plane.

The RQ-170 flies high – 30,000 to 50,000 feet – to avoid anti-aircraft fire from the ground, or interception by lower-flying fighter planes.

In Afghanistan – which has little anti-aircraft capability more sophisticated than low-altitude, shoulder-fired missiles with a range of only a few thousand feet – there is no reason to use such a high-flying stealth drone, Sky News points out.

Pakistan and Iran, both of which have comparatively sophisticated anti-aircraft detection and weapons systems, border on Afghanistan, making U.S. bases in Afghanistan ideal launch points for reconnaissance missions over both countries – one overtly hostile, one a titular ally with many factions in the military and government that are hostile to the U.S.

U.S. forces have been very successful for several years using lower-altitude Predators to whittle away the ranks of No. 2 leaders of al Qaeda.

U.S. officials have consistently denied flying spy missions into Iranian air space, though Iranian officials have said since 2005 that they have been monitoring U.S. spy plane missions in their air space.

A Pentagon spokesperson said there was no indication the drone was brought down by hostile action and repeated that the drone was on a scouting mission over Western Afghanistan; it was not tasked with entry into Iran.

Did Russia send Iran a digital drone killer?

It's not clear whether Iran actually did bring the drone down, let alone whether it was downed by anti-aircraft missiles or guns, or if it was brought down with electronic countermeasures (ECM).

ECM systems are normally carried on fighter planes to scramble radar, GPS and other anti-aircraft gun or missile guidance systems. Used from the ground against drones, ECM can break the link with pilots flying with remote control or confuse the guidance systems within drones programmed to fly on their own using GPS or other internal guidance systems.

RQ-170s are programmed with two levels of safety systems; the first, which takes over if the drone loses radio-control contact with controllers, tells it to use onboard GPS and navigational equipment to fly back to the base from which it took off.

The second, though unconfirmed, safety system is a self-destruct system that would ruin the full-motion capture, encryption and radio-control systems that would give Iranian engineers – or more likely engineers from allies Russia or China – insight into operation and security of America's newest front-line drone, according to National Journal.

The drone carries full-motion video capture systems as well as sensors to detect airborne chemical signatures that might come from a nuclear-fuel development facility as well as cell-phone-network receptors that could allow it to eavesdrop on local wireless conversations, according to the LA Times.

Newer versions of the video cams that are the RQ-170's key asset can collect 65 times as much data, and are automated so they don't have to be monitored continually, as current versions do.

The next generation – called the Argus-IS – will cover as much as 40 square kilometers in a single shot, with resolution equal to 15 centimeters of ground per pixel. That's enough to easily track individuals on foot as well as vehicles or buildings, according to Aviation Week.

Was drone part of cyberwar?

The question about the downed drone is not whether it was gathering intelligence on Iran's nuclear facilities – which have been a top U.S. intelligence-gathering priority for years.

Spy-plane flyovers are purely routine compared to the assassination of Iranian nuclear scientists, sabotage inflicted by the Stuxnet computer virus and mysterious explosions at several Iranian nuclear sites in recent weeks.

"It does appear that there is a campaign of assassinations and cyber war, as well as the semi-acknowledged campaign of sabotage," Clawson told the Daily Mail. "It looks like the 21st century form of war."

It is still not clear whether the U.S. and/or Israel were behind development and release of the Stuxnet virus that was coded specifically to attack software controlling fuel-purifying centrifuges at Iran's Bushehr nuclear-development facility.

Nuclear expert Mark Hibbs at the Carnegie Endowment in Germany told the Daily Mail the covert war is too narrowly focused to indicate involvement of the U.S., which would pick larger targets than individual scientists.

Expanding America's second cyberwar, without acknowledging even the first one

The expansion into attacks and sabotage based on malware – Iran has also admitted an attack by reputed "Son of Stuxnet" virus Duqu – marks the effort to keep Iran out of the nuclear club as one that gives an early preview of what a mixed real-world/cyberwar would look like.

It also worries some nuclear power and security experts that "in going down this route we're unleashing forces we cannot control," Hibbs said.

Cyberwar is unquestionably a great platform for asymmetric warfare – fighting in which small forces are able to challenge or even defeat larger forces with more powerful weapons and detection systems.

Given the level of cyber-attack, defense and reaction in the ongoing conflict with Iran – which responded to the Stuxnet attacks by expanding the cyberattack corps of its semi-official militia and promising retribution hacks of the U.S. – it is clear Iran is a test bed for more than smart, stealthy drones.

Direct attacks on computers in its military facilities, malware attacks on nuclear facilities, a second round of Stuxnet dressed up as Duqu and stealthy flyovers by remote-controlled drones have apparently taken the place of proxy wars, border conflicts, the funding of rival terrorist groups and other Cold-War-era dirty tricks.

That doesn't mean they're any less dirty, or lead to results any less lethal.

Cyberwar involved less killing, less disastrous damage to important facilities and neighboring areas that could be damaged by bombs, a far smaller number of 'warriors' in the fight and far less exposure that could confirm who is responsible for a particular attack and invite reprisals from the enemy, he said.

As the explosions at Iranian facilities during the past two weeks show, cyberwar is inextricably entwined with real war, hacking with killing, intrusions with infiltrations.

Open cyberwar invites more than digital chaos, according to Richard Falkenrath, former deputy commissioner for counterterrorism for the New York Police Department and deputy homeland security adviser.

Open cyberwar will divide the global IT industry into antagonistic camps, encourage both software and hardware makers to build backdoors, bugs and other flaws into products being sold to the enemy, reducing everyone's ability to trust the technology on which they rely.

It also encourages law enforcement agencies to push farther into police-state territory by demanding more access to digital records than the Constitution allows to the old-fashioned kind, Falkenrath wrote.

The result could be a more civil variety of war – one in which systems are killed rather than siblings.

That doesn't mean it will be polite or nonviolent or limited in its damage only to selected enemies or that its result will not make the open Internet even more of a hostile, threatening place than it is now.

Real cyberwar will be pretty unpleasant for everyone involved, and fatal to many, Falkenrath writes.

Cyberwar is more ugly than we thought, more dicey for U.S. than we expected

The only thing obvious so far is that even when U.S. cyberwar capabilities vastly outmatch those of the opponent (Iran), victory is far from guaranteed.

The ongoing tussle with Iran shows we're even uncertain that full-out cyberwar would give any country the leverage to make an enemy change its behavior, or its stance on an important issue.

The ongoing scandal with Chinese data thieves and the mix-up with the Illinois water utility make it clear the U.S. isn't even sure of its ability to keep its digital infrastructure from being invaded, or even to know for sure when it has been.